A survey on automated log analysis for reliability engineering

S He, P He, Z Chen, T Yang, Y Su, MR Lyu - ACM computing surveys …, 2021 - dl.acm.org
Logs are semi-structured text generated by logging statements in software source code. In
recent decades, software logs have become imperative in the reliability assurance …

The security reference architecture for blockchains: Toward a standardized model for studying vulnerabilities, threats, and defenses

I Homoliak, S Venugopalan… - … Surveys & Tutorials, 2020 - ieeexplore.ieee.org
Blockchains are distributed systems, in which security is a critical factor for their success.
However, despite their increasing popularity and adoption, there is a lack of standardized …

Tactical provenance analysis for endpoint detection and response systems

WU Hassan, A Bates, D Marino - 2020 IEEE Symposium on …, 2020 - ieeexplore.ieee.org
Endpoint Detection and Response (EDR) tools provide visibility into sophisticated intrusions
by matching system events against known adversarial behaviors. However, current solutions …

Kairos: Practical intrusion detection and investigation using whole-system provenance

Z Cheng, Q Lv, J Liang, Y Wang, D Sun… - … IEEE Symposium on …, 2024 - ieeexplore.ieee.org
Provenance graphs are structured audit logs that describe the history of a system's
execution. Recent studies have explored a variety of techniques to analyze provenance …

ShadeWatcher: Recommendation-guided cyber threat analysis using system audit records

J Zengy, X Wang, J Liu, Y Chen, Z Liang… - … IEEE Symposium on …, 2022 - ieeexplore.ieee.org
System auditing provides a low-level view into cyber threats by monitoring system entity
interactions. In response to advanced cyber-attacks, one prevalent solution is to apply data …

You Are What You Do: Hunting Stealthy Malware via Data Provenance Analysis.

Q Wang, WU Hassan, D Li, K Jee, X Yu, K Zou, J Rhee… - NDSS, 2020 - kangkookjee.io
To subvert recent advances in perimeter and host security, the attacker community has
developed and employed various attack vectors to make a malware much stealthier than …

SoK: History is a vast early warning system: Auditing the provenance of system intrusions

MA Inam, Y Chen, A Goyal, J Liu, J Mink… - … IEEE Symposium on …, 2023 - ieeexplore.ieee.org
Auditing, a central pillar of operating system security, has only recently come into its own as
an active area of public research. This resurgent interest is due in large part to the notion of …

RanSAP: An open dataset of ransomware storage access patterns for training machine learning models

M Hirano, R Hodota, R Kobayashi - Forensic Science International: Digital …, 2022 - Elsevier
Ransomware, the malicious software that encrypts user files to demand a ransom payment,
is one of the most common and persistent threats. Cyber-criminals create new ransomware …

PROGRAPHER: An Anomaly Detection System based on Provenance Graph Embedding

F Yang, J Xu, C Xiong, Z Li, K Zhang - 32nd USENIX Security …, 2023 - usenix.org
In recent years, the Advanced Persistent Threat (APT), which involves complex and
malicious actions over a long period, has become one of the biggest threats against the …

DepComm: Graph summarization on system audit logs for attack investigation

Z Xu, P Fang, C Liu, X Xiao, Y Wen… - 2022 IEEE Symposium …, 2022 - ieeexplore.ieee.org
Causality analysis generates a dependency graph from system audit logs, which has
emerged as an important solution for attack investigation. In the dependency graph, nodes …